[WEB SECURITY] IE7 Phishing Filter Tells Microsoft The URLS You Visit?
Chris Weber
chris at lookout.net
Tue Dec 19 16:39:58 EST 2006
You can always disable it, I think the first time it activates it tells you
what it's gonna do. Firefox has something similar in the works don't they?
And Google toolbar does too. Checking/sending internal IP addresses though,
that's just bad... likely a design bug. Maybe they felt the need to send
all because of the complexity of dotless IP notations, although that should
be catchable down in the WININET pipeline...
-----Original Message-----
From: bugtraq at cgisecurity.net [mailto:bugtraq at cgisecurity.net]
Sent: Tuesday, December 19, 2006 12:02 PM
To: websecurity at webappsec.org
Subject: [WEB SECURITY] IE7 Phishing Filter Tells Microsoft The URLS You
Visit?
According to SPI Labs IE7 sends personal information on urls that you
request to Microsoft.
Link: http://portal.spidynamics.com/blogs/spilabs/
- Robert
http://www.cgisecurity.com/ Web Application Security news and more
http://www.cgisecurity.com/index.rss [RSS Feed]
----------------------------------------------------------------------------
The Web Security Mailing List:
http://www.webappsec.org/lists/websecurity/
The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
----------------------------------------------------------------------------
The Web Security Mailing List:
http://www.webappsec.org/lists/websecurity/
The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
More information about the websecurity
mailing list